[graylog2] Trying to manage the Graylog Server with the separate graylog web in 2.1.1 version

Shah Zaib Tue, 27 Sep 2016 06:00:42 -0700

Hi everyone,

I am trying to deploy the two nodes of *graylog .*


each instance is in separate, virtual machine.

I configure one node with the web interface enable and I called this 
*graylog-web.*

another node is configured as the web interface disabled and i called this 
*graylog-server*. 

The purpose of doing this to separate the graylog server and use the 
rest-api as in the *graylog-web.*

The *graylog-web* will communicate to mongodb and elasticsearch through the 
*graylog-server 
*rest-api.

*mongodb * and the *elasticsearch * are also running on separately virtual 
machine.

In the *graylog-server * logs you can see it's successfully connected to 
both of them.

the purpose of doing all this to implement the Graylog Bigger Setup 
<http://www.google.com/url?q=http%3A%2F%2Fdocs.graylog.org%2Fen%2F2.0%2Fpages%2Farchitecture.html%23bigger-production-setup&sa=D&sntz=1&usg=AFQjCNFCqBjZ20fqeG-vWpJemKBr9kO-xg>
.

I am using this environment


   - Graylog Version: 2.1.1
   - Elasticsearch Version: 2.4.0
   - MongoDB Version: 3.2.9
   - Operating System: ubuntu 14.04 on all virtual machine



Please have a look to my configuration filed of *graylog-server* and 
*graylog-web.*

*Please Correct me if I am doing something wrong and missing.* 

###########################################################################################################################################################
The conf file of *graylog-server* is 
###########################################################################################################################################################

is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = my_secret_key
root_password_sha2 = my_secret_key
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://*graylog-server-ip*:12900/
rest_transport_uri = http://*graylog-server-ip*:12900/
rest_enable_cors = true
web_enable = false
 Default: $rest_transport_uri
web_enable_cors = false
web_enable_gzip = false
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_cluster_name = graylog-distribution
elasticsearch_discovery_zen_ping_unicast_hosts = *elasticsearch-ip*:9300
elasticsearch_discovery_zen_ping_unicast_hosts = *elasticsearch-ip*:9300
elasticsearch_network_host = *graylog-server-ip*
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://my_user:my_password@*mongodb_ip*
:27017/graylog?replicaSet=graylogDist
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32
elasticsearch_discovery_zen_ping_multicast_enabled = false

###########################################################################################################################################################
the conf file of *graylog-web* is
###########################################################################################################################################################

is_master = false
node_id_file = /etc/graylog/server/node-id
password_secret = my_secret_key
root_password_sha2 = my_secret_key
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://*graylog-server-ip*:12900/
rest_transport_uri = http://*graylog-server-ip*:12900/
rest_enable_cors = true
web_enable = true
web_listen_uri = http://*graylog-web-ip*:9000/
 Default: $rest_transport_uri
web_enable_cors = true
web_enable_gzip = false
web_enable_tls = false
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_cluster_name = graylog-distribution
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32

###########################################################################################################################################################

when I run this command on graylog*-server *its give me this
---------------------------------------------------------------------
curl -X GET http://elasticsearch-ip:9200
{
  "name" : "elasticsearch1",
  "cluster_name" : "graylog-distribution",
  "version" : {
    "number" : "2.4.0",
    "build_hash" : "ce9f0c7394dee074091dd1bc4e9469251181fc55",
    "build_timestamp" : "2016-08-29T09:14:17Z",
    "build_snapshot" : false,
    "lucene_version" : "5.5.2"
  },
  "tagline" : "You Know, for Search"
}

###########################################################################################################################################################
and i getting this error in *server.log * in   *graylog-web *
###########################################################################################################################################################

2016-09-27T11:33:02.489Z INFO  [CmdLineTool] Loaded plugin: Elastic Beats 
Input 1.1.1 [org.graylog.plugins.beats.BeatsInputPlugin]
2016-09-27T11:33:02.491Z INFO  [CmdLineTool] Loaded plugin: Collector 1.1.1 
[org.graylog.plugins.collector.CollectorPlugin]
2016-09-27T11:33:02.491Z INFO  [CmdLineTool] Loaded plugin: Enterprise 
Integration Plugin 1.1.1 
[org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin]
2016-09-27T11:33:02.492Z INFO  [CmdLineTool] Loaded plugin: MapWidgetPlugin 
1.1.1 [org.graylog.plugins.map.MapWidgetPlugin]
2016-09-27T11:33:02.492Z INFO  [CmdLineTool] Loaded plugin: Pipeline 
Processor Plugin 1.1.1 
[org.graylog.plugins.pipelineprocessor.ProcessorPlugin]
2016-09-27T11:33:02.492Z INFO  [CmdLineTool] Loaded plugin: Anonymous Usage 
Statistics 2.1.1 [org.graylog.plugins.usagestatistics.UsageStatsPlugin]
2016-09-27T11:33:02.594Z INFO  [CmdLineTool] Running with JVM arguments: 
-Xms1g -Xmx1g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC 
-XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC 
-XX:-OmitStackTraceInFastThrow 
-Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml 
-Djava.library.path=/usr/share/graylog-server/lib/sigar 
-Dgraylog2.installation_source=deb
2016-09-27T11:33:05.198Z INFO  [InputBufferImpl] Message journal is enabled.
2016-09-27T11:33:05.259Z INFO  [NodeId] Node ID: 
56eadd30-28b7-4eb1-a605-8ef7e1f702c5
2016-09-27T11:33:05.614Z INFO  [LogManager] Loading logs.
2016-09-27T11:33:05.714Z INFO  [LogManager] Logs loading complete.
2016-09-27T11:33:05.714Z INFO  [KafkaJournal] Initialized Kafka based 
journal at /var/lib/graylog-server/journal
2016-09-27T11:33:05.746Z INFO  [InputBufferImpl] Initialized 
InputBufferImpl with ring size <65536> and wait strategy 
<BlockingWaitStrategy>, running 2 parallel message handlers.
2016-09-27T11:33:05.790Z INFO  [cluster] Cluster created with settings 
{hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, 
serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000}
2016-09-27T11:33:05.848Z INFO  [cluster] Exception in monitor thread while 
connecting to server localhost:27017
com.mongodb.MongoSocketOpenException: Exception opening socket
at com.mongodb.connection.SocketStream.open(SocketStream.java:63) 
~[graylog.jar:?]
at 
com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:115)
 
~[graylog.jar:?]
at 
com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:116)
 
[graylog.jar:?]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_101]
Caused by: java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:1.8.0_101]
at 
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) 
~[?:1.8.0_101]
at 
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
 
~[?:1.8.0_101]
at 
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) 
~[?:1.8.0_101]
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:1.8.0_101]
at java.net.Socket.connect(Socket.java:589) ~[?:1.8.0_101]
at 
com.mongodb.connection.SocketStreamHelper.initialize(SocketStreamHelper.java:50)
 
~[graylog.jar:?]
at com.mongodb.connection.SocketStream.open(SocketStream.java:58) 
~[graylog.jar:?]
... 3 more
2016-09-27T11:33:05.910Z INFO  [cluster] No server chosen by 
ReadPreferenceServerSelector{readPreference=primary} from cluster 
description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, 
serverDescriptions=[ServerDescription{address=localhost:27017, 
type=UNKNOWN, state=CONNECTING, 
exception={com.mongodb.MongoSocketOpenException: Exception opening socket}, 
caused by {java.net.ConnectException: Connection refused}}]}. Waiting for 
30000 ms before timing out
2016-09-27T11:33:35.871Z ERROR [MongoConnectionProvider] Error connecting 
to MongoDB: Timed out after 30000 ms while waiting for a server that 
matches ReadPreferenceServerSelector{readPreference=primary}. Client view 
of cluster state is {type=UNKNOWN, servers=[{address=localhost:27017, 
type=UNKNOWN, state=CONNECTING, 
exception={com.mongodb.MongoSocketOpenException: Exception opening socket}, 
caused by {java.net.ConnectException: Connection refused}}]
2016-09-27T11:33:36.395Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] version[2.3.5], pid[31096], 
build[90f439f/2016-07-27T10:36:52Z]
2016-09-27T11:33:36.395Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] initializing ...
2016-09-27T11:33:36.400Z INFO  [plugins] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] modules [], plugins 
[graylog-monitor], sites []
2016-09-27T11:33:38.634Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] initialized
2016-09-27T11:33:38.661Z INFO  [cluster] No server chosen by 
WritableServerSelector from cluster description 
ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, 
serverDescriptions=[ServerDescription{address=localhost:27017, 
type=UNKNOWN, state=CONNECTING, 
exception={com.mongodb.MongoSocketOpenException: Exception opening socket}, 
caused by {java.net.ConnectException: Connection refused}}]}. Waiting for 
30000 ms before timing out

###########################################################################################################################################################
But on the *graylog-server *is fully functioning 
below is the log file of *graylog-server *
###########################################################################################################################################################

2016-09-27T11:48:28.641Z INFO  [CmdLineTool] Loaded plugin: Elastic Beats 
Input 1.1.1 [org.graylog.plugins.beats.BeatsInputPlugin]
2016-09-27T11:48:28.642Z INFO  [CmdLineTool] Loaded plugin: Collector 1.1.1 
[org.graylog.plugins.collector.CollectorPlugin]
2016-09-27T11:48:28.643Z INFO  [CmdLineTool] Loaded plugin: Enterprise 
Integration Plugin 1.1.1 
[org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin]
2016-09-27T11:48:28.643Z INFO  [CmdLineTool] Loaded plugin: MapWidgetPlugin 
1.1.1 [org.graylog.plugins.map.MapWidgetPlugin]
2016-09-27T11:48:28.643Z INFO  [CmdLineTool] Loaded plugin: Pipeline 
Processor Plugin 1.1.1 
[org.graylog.plugins.pipelineprocessor.ProcessorPlugin]
2016-09-27T11:48:28.644Z INFO  [CmdLineTool] Loaded plugin: Anonymous Usage 
Statistics 2.1.1 [org.graylog.plugins.usagestatistics.UsageStatsPlugin]
2016-09-27T11:48:28.769Z INFO  [CmdLineTool] Running with JVM arguments: 
-Xms1g -Xmx1g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC 
-XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC 
-XX:-OmitStackTraceInFastThrow 
-Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml 
-Djava.library.path=/usr/share/graylog-server/lib/sigar 
-Dgraylog2.installation_source=deb
2016-09-27T11:48:31.453Z INFO  [InputBufferImpl] Message journal is enabled.
2016-09-27T11:48:31.496Z INFO  [NodeId] Node ID: 
56eadd30-28b7-4eb1-a605-8ef7e1f702c5
2016-09-27T11:48:31.699Z INFO  [LogManager] Loading logs.
2016-09-27T11:48:31.850Z INFO  [LogManager] Logs loading complete.
2016-09-27T11:48:31.850Z INFO  [KafkaJournal] Initialized Kafka based 
journal at /var/lib/graylog-server/journal
2016-09-27T11:48:31.902Z INFO  [InputBufferImpl] Initialized 
InputBufferImpl with ring size <65536> and wait strategy 
<BlockingWaitStrategy>, running 2 parallel message handlers.
2016-09-27T11:48:31.961Z INFO  [cluster] Cluster created with settings 
{hosts=[xxx.xxx.xxx.146:27017], mode=MULTIPLE, 
requiredClusterType=REPLICA_SET, serverSelectionTimeout='30000 ms', 
maxWaitQueueSize=5000, requiredReplicaSetName='graylogDist'}
2016-09-27T11:48:31.962Z INFO  [cluster] Adding discovered server 
xxx.xxx.xxx.146:27017 to client view of cluster
2016-09-27T11:48:32.088Z INFO  [cluster] No server chosen by 
ReadPreferenceServerSelector{readPreference=primary} from cluster 
description ClusterDescription{type=REPLICA_SET, connectionMode=MULTIPLE, 
serverDescriptions=[ServerDescription{address=xxx.xxx.xxx.146:27017, 
type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out
2016-09-27T11:48:32.985Z INFO  [connection] Opened connection 
[connectionId{localValue:1, serverValue:679}] to xxx.xxx.xxx.146:27017
2016-09-27T11:48:32.989Z INFO  [cluster] Monitor thread successfully 
connected to server with description 
ServerDescription{address=xxx.xxx.xxx.146:27017, type=REPLICA_SET_PRIMARY, 
state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 2, 9]}, 
minWireVersion=0, maxWireVersion=4, maxDocumentSize=16777216, 
roundTripTimeNanos=2538242, setName='graylogDist', 
canonicalAddress=xxx.xxx.xxx.146:27017, hosts=[xxx.xxx.xxx.146:27017], 
passives=[], arbiters=[], primary='xxx.xxx.xxx.146:27017', 
tagSet=TagSet{[]}, electionId=7fffffff0000000000000001, setVersion=1}
2016-09-27T11:48:32.995Z INFO  [cluster] Setting max election id to 
7fffffff0000000000000001 from replica set primary xxx.xxx.xxx.146:27017
2016-09-27T11:48:32.996Z INFO  [cluster] Setting max set version to 1 from 
replica set primary xxx.xxx.xxx.146:27017
2016-09-27T11:48:32.996Z INFO  [cluster] Discovered replica set primary 
xxx.xxx.xxx.146:27017
2016-09-27T11:48:33.066Z INFO  [connection] Opened connection 
[connectionId{localValue:2, serverValue:680}] to xxx.xxx.xxx.146:27017
2016-09-27T11:48:33.580Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] version[2.3.5], pid[3197], 
build[90f439f/2016-07-27T10:36:52Z]
2016-09-27T11:48:33.580Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] initializing ...
2016-09-27T11:48:33.585Z INFO  [plugins] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] modules [], plugins 
[graylog-monitor], sites []
2016-09-27T11:48:35.536Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] initialized
2016-09-27T11:48:35.813Z INFO  [Version] HV000001: Hibernate Validator 
5.2.4.Final
2016-09-27T11:48:36.132Z INFO  [ProcessBuffer] Initialized ProcessBuffer 
with ring size <65536> and wait strategy <BlockingWaitStrategy>.
2016-09-27T11:48:38.654Z INFO  [RulesEngineProvider] No static rules file 
loaded.
2016-09-27T11:48:38.822Z WARN  [GeoIpResolverEngine] GeoIP database file 
does not exist: /tmp/GeoLite2-City.mmdb
2016-09-27T11:48:38.828Z INFO  [OutputBuffer] Initialized OutputBuffer with 
ring size <65536> and wait strategy <BlockingWaitStrategy>.
2016-09-27T11:48:38.892Z WARN  [GeoIpResolverEngine] GeoIP database file 
does not exist: /tmp/GeoLite2-City.mmdb
2016-09-27T11:48:38.934Z WARN  [GeoIpResolverEngine] GeoIP database file 
does not exist: /tmp/GeoLite2-City.mmdb
2016-09-27T11:48:38.973Z WARN  [GeoIpResolverEngine] GeoIP database file 
does not exist: /tmp/GeoLite2-City.mmdb
2016-09-27T11:48:39.028Z WARN  [GeoIpResolverEngine] GeoIP database file 
does not exist: /tmp/GeoLite2-City.mmdb
2016-09-27T11:48:39.894Z INFO  [ServerBootstrap] Graylog server 
2.1.1+01d50e5 starting up
2016-09-27T11:48:39.896Z INFO  [ServerBootstrap] JRE: Oracle Corporation 
1.8.0_101 on Linux 4.2.0-42-generic
2016-09-27T11:48:39.896Z INFO  [ServerBootstrap] Deployment: deb
2016-09-27T11:48:39.897Z INFO  [ServerBootstrap] OS: Ubuntu 14.04.5 LTS 
(trusty)
2016-09-27T11:48:39.898Z INFO  [ServerBootstrap] Arch: amd64
2016-09-27T11:48:39.904Z WARN  [DeadEventLoggingListener] Received 
unhandled event of type <org.graylog2.plugin.lifecycles.Lifecycle> from 
event bus <AsyncEventBus{graylog-eventbus}>
2016-09-27T11:48:40.053Z INFO  [PeriodicalsService] Starting 25 periodicals 
...
2016-09-27T11:48:40.053Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling 
every [1s].
2016-09-27T11:48:40.056Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.AlertScannerThread] periodical in [10s], polling 
every [60s].
2016-09-27T11:48:40.057Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical 
in [0s], polling every [1s].
2016-09-27T11:48:40.059Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ClusterHealthCheckThread] periodical in [120s], 
polling every [20s].
2016-09-27T11:48:40.060Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ContentPackLoaderPeriodical] periodical, running 
forever.
2016-09-27T11:48:40.060Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.GarbageCollectionWarningThread] periodical, 
running forever.
2016-09-27T11:48:40.060Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], 
polling every [30s].
2016-09-27T11:48:40.065Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling 
every [300s].
2016-09-27T11:48:40.066Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling 
every [10s].
2016-09-27T11:48:40.068Z INFO  [IndexRetentionThread] Elasticsearch cluster 
not available, skipping index retention checks.
2016-09-27T11:48:40.069Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.NodePingThread] periodical in [0s], polling every 
[1s].
2016-09-27T11:48:40.099Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling 
every [1800s].
2016-09-27T11:48:40.154Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] starting ...
2016-09-27T11:48:40.171Z INFO  [connection] Opened connection 
[connectionId{localValue:3, serverValue:681}] to xxx.xxx.xxx.146:27017
2016-09-27T11:48:40.174Z INFO  [IndexerClusterCheckerThread] Indexer not 
fully initialized yet. Skipping periodic cluster check.
2016-09-27T11:48:40.238Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], 
polling every [1s].
2016-09-27T11:48:40.260Z INFO  [Periodicals] Starting 
[org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling 
every [1s].
2016-09-27T11:48:40.266Z INFO  [Periodicals] Starting 
[org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], 
polling every [86400s].
2016-09-27T11:48:40.267Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running 
forever.
2016-09-27T11:48:40.272Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, 
running forever.
2016-09-27T11:48:40.273Z INFO  [connection] Opened connection 
[connectionId{localValue:4, serverValue:682}] to xxx.xxx.xxx.146:27017
2016-09-27T11:48:40.275Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], 
polling every [3600s].
2016-09-27T11:48:40.314Z INFO  [PeriodicalsService] Not starting 
[org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not 
configured to run on this node.
2016-09-27T11:48:40.316Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.AlarmCallbacksMigrationPeriodical] periodical, 
running forever.
2016-09-27T11:48:40.318Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, 
running forever.
2016-09-27T11:48:40.405Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.LdapGroupMappingMigration] periodical, running 
forever.
2016-09-27T11:48:40.406Z INFO  [Periodicals] Starting 
[org.graylog2.periodical.IndexFailuresPeriodical] periodical, running 
forever.
2016-09-27T11:48:40.406Z INFO  [connection] Opened connection 
[connectionId{localValue:5, serverValue:683}] to xxx.xxx.xxx.146:27017
2016-09-27T11:48:40.451Z INFO  [Periodicals] Starting 
[org.graylog.plugins.usagestatistics.UsageStatsNodePeriodical] periodical 
in [300s], polling every [21600s].
2016-09-27T11:48:40.469Z INFO  [Periodicals] Starting 
[org.graylog.plugins.usagestatistics.UsageStatsClusterPeriodical] 
periodical in [300s], polling every [21600s].
2016-09-27T11:48:40.481Z INFO  [Periodicals] Starting 
[org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] 
periodical in [0s], polling every [3600s].
2016-09-27T11:48:40.927Z INFO  [transport] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] publish_address 
{xxx.xxx.xxx.162:9350}, bound_addresses {xxx.xxx.xxx.162:9350}
2016-09-27T11:48:40.937Z INFO  [discovery] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] 
graylog-distribution/sT_dlojZS0uUb9jTRbTjEw
2016-09-27T11:48:41.044Z INFO  [JerseyService] Enabling CORS for HTTP 
endpoint
2016-09-27T11:48:43.958Z WARN  [discovery] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] waited for 3s and no initial 
state was set by the discovery
2016-09-27T11:48:43.958Z INFO  [node] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] started
2016-09-27T11:48:44.221Z INFO  [service] 
[graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5] detected_master 
{dcso-elasticsearch1}{oiAeoGOnRgGm42cLGAbM1A}{xxx.xxx.xxx.130}{xxx.xxx.xxx.130:9300}{master=true},
 
added 
{{dcso-elasticsearch1}{oiAeoGOnRgGm42cLGAbM1A}{xxx.xxx.xxx.130}{xxx.xxx.xxx.130:9300}{master=true},},
 
reason: zen-disco-receive(from master 
[{dcso-elasticsearch1}{oiAeoGOnRgGm42cLGAbM1A}{xxx.xxx.xxx.130}{xxx.xxx.xxx.130:9300}{master=true}])
2016-09-27T11:48:48.222Z INFO  [NetworkListener] Started listener bound to 
[xxx.xxx.xxx.162:12900]
2016-09-27T11:48:48.224Z INFO  [HttpServer] [HttpServer] Started.
2016-09-27T11:48:48.224Z INFO  [JerseyService] Started REST API at 
<http://xxx.xxx.xxx.162:12900/>
2016-09-27T11:48:48.225Z INFO  [ServiceManagerListener] Services are healthy
2016-09-27T11:48:48.226Z INFO  [InputSetupService] Triggering launching 
persisted inputs, node transitioned from Uninitialized?[LB:DEAD] to 
Running?[LB:ALIVE]
2016-09-27T11:48:48.226Z INFO  [ServerBootstrap] Services started, startup 
times in ms: {InputSetupService [RUNNING]=13, OutputSetupService 
[RUNNING]=110, BufferSynchronizerService [RUNNING]=111, KafkaJournal 
[RUNNING]=111, JournalReader [RUNNING]=195, PeriodicalsService 
[RUNNING]=457, IndexerSetupService [RUNNING]=4139, JerseyService 
[RUNNING]=8144}
2016-09-27T11:48:48.234Z INFO  [ServerBootstrap] Graylog server up and 
running.

###########################################################################################################################################################

I am attaching the */var/log/elasticsearch/graylog-distribution.log * from  
elasticsearch virtual machine  and *mongodb* logs files in the post if you 
want to see the more information.

clearly, the mongodb and elasticsearch are connected successfully with 
*graylog-server.*

how can i use the rest-api of *graylog-server *in *graylog-web. *

if you need more information I will provide.


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/9fdba180-2cb3-4630-9e8a-bbfd4a95547e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[2016-09-27 07:34:58,233][INFO ][node                     ] 
[dcso-elasticsearch1] version[2.4.0], pid[1959], 
build[ce9f0c7/2016-08-29T09:14:17Z]
[2016-09-27 07:34:58,234][INFO ][node                     ] 
[dcso-elasticsearch1] initializing ...
[2016-09-27 07:34:59,732][INFO ][plugins                  ] 
[dcso-elasticsearch1] modules [reindex, lang-expression, lang-groovy], plugins 
[head], sites [head]
[2016-09-27 07:34:59,842][INFO ][env                      ] 
[dcso-elasticsearch1] using [1] data paths, mounts [[/ 
(/dev/dcso_vg/dcso-elasticsearch1)]], net usable_space [2.6gb], net total_space 
[4.7gb], spi
ns? [possibly], types [ext3]
[2016-09-27 07:34:59,843][INFO ][env                      ] 
[dcso-elasticsearch1] heap size [989.8mb], compressed ordinary object pointers 
[true]
[2016-09-27 07:35:02,593][INFO ][node                     ] 
[dcso-elasticsearch1] initialized
[2016-09-27 07:35:02,593][INFO ][node                     ] 
[dcso-elasticsearch1] starting ...
[2016-09-27 07:35:02,799][INFO ][transport                ] 
[dcso-elasticsearch1] publish_address {xxx.xxx.xxx.130:9300}, bound_addresses 
{[::1]:9300}, {127.0.0.1:9300}, {[fe80::5054:5aff:fe91:d608]:9300}, {8
0.159.246.130:9300}
[2016-09-27 07:35:02,804][INFO ][discovery                ] 
[dcso-elasticsearch1] graylog-distribution/oiAeoGOnRgGm42cLGAbM1A
[2016-09-27 07:35:05,833][INFO ][cluster.service          ] 
[dcso-elasticsearch1] new_master 
{dcso-elasticsearch1}{oiAeoGOnRgGm42cLGAbM1A}{xxx.xxx.xxx.130}{xxx.xxx.xxx.130:9300}{master=true},
 reason: zen-disco
-join(elected_as_master, [0] joins received)
[2016-09-27 07:35:05,858][INFO ][http                     ] 
[dcso-elasticsearch1] publish_address {xxx.xxx.xxx.130:9200}, bound_addresses 
{[::1]:9200}, {127.0.0.1:9200}, {[fe80::5054:5aff:fe91:d608]:9200}, {8
0.159.246.130:9200}
[2016-09-27 07:35:05,859][INFO ][node                     ] 
[dcso-elasticsearch1] started
[2016-09-27 07:35:05,877][INFO ][gateway                  ] 
[dcso-elasticsearch1] recovered [0] indices into cluster_state
[2016-09-27 07:48:01,926][INFO ][cluster.service          ] 
[dcso-elasticsearch1] added 
{{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{lH7xx5Y7QFyG3379CVNnbA}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=tru
e, data=false, master=false},}, reason: zen-disco-join(join from 
node[{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{lH7xx5Y7QFyG3379CVNnbA}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=true,
 data=false, mast
er=false}])
[2016-09-27 07:48:07,904][INFO ][cluster.metadata         ] 
[dcso-elasticsearch1] [graylog_0] creating index, cause [api], templates 
[graylog-internal], shards [4]/[0], mappings [message]
[2016-09-27 07:48:08,222][INFO ][cluster.routing.allocation] 
[dcso-elasticsearch1] Cluster health status changed from [RED] to [GREEN] 
(reason: [shards started [[graylog_0][3], [graylog_0][1], [graylog_0][3]
, [graylog_0][1]] ...]).
[2016-09-27 08:01:48,805][INFO ][cluster.service          ] 
[dcso-elasticsearch1] removed 
{{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{lH7xx5Y7QFyG3379CVNnbA}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=t
rue, data=false, master=false},}, reason: 
zen-disco-node-left({graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{lH7xx5Y7QFyG3379CVNnbA}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=true,
 data=false, master=false
}), reason(left)
[2016-09-27 08:02:56,032][INFO ][cluster.service          ] 
[dcso-elasticsearch1] added 
{{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{6J4iZ2A7TCyfsu4MXld7nw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=tru
e, data=false, master=false},}, reason: zen-disco-join(join from 
node[{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{6J4iZ2A7TCyfsu4MXld7nw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=true,
 data=false, mast
er=false}])
[2016-09-27 11:48:05,117][INFO ][cluster.service          ] 
[dcso-elasticsearch1] removed 
{{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{6J4iZ2A7TCyfsu4MXld7nw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=t
rue, data=false, master=false},}, reason: 
zen-disco-node-left({graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{6J4iZ2A7TCyfsu4MXld7nw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=true,
 data=false, master=false
}), reason(left)
[2016-09-27 11:48:43,912][INFO ][cluster.service          ] 
[dcso-elasticsearch1] added 
{{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{sT_dlojZS0uUb9jTRbTjEw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=tru
e, data=false, master=false},}, reason: zen-disco-join(join from 
node[{graylog-56eadd30-28b7-4eb1-a605-8ef7e1f702c5}{sT_dlojZS0uUb9jTRbTjEw}{xxx.xxx.xxx.162}{xxx.xxx.xxx.162:9350}{client=true,
 data=false, mast
er=false}])

2016-09-27T12:38:58.504Z I NETWORK  [initandlisten] connection accepted from 
xxx.xxx.xxx.162:48344 #8 (8 connections now open)
2016-09-27T12:38:58.504Z I NETWORK  [initandlisten] connection accepted from 
xxx.xxx.xxx.162:48346 #9 (9 connections now open)
2016-09-27T12:38:58.523Z I ACCESS   [conn2] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.524Z I ACCESS   [conn3] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.546Z I ACCESS   [conn6] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.551Z I ACCESS   [conn9] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.554Z I ACCESS   [conn4] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.555Z I ACCESS   [conn5] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.557Z I ACCESS   [conn8] Successfully authenticated as 
principal jenkins on graylog
2016-09-27T12:38:58.563Z I ACCESS   [conn7] Successfully authenticated as 
principal jenkins on graylog

[graylog2] Trying to manage the Graylog Server with the separate graylog web in 2.1.1 version

Reply via email to